
Latest news about information security vulnerabilities, threats, incidents and events


Prevention of security vulnerabilities, threats, and incidents described below is wiser and cheaper than forensic investigations and mitigation of the consequences of a cyber-attack.

You can get evidence of this fact from the news below.

Use our services to find and mitigate your security vulnerabilities before the security threat agents find them.




Huawei Not Totally Banned From France, Says Watchdog: Report

China’s Huawei is not totally banned from France’s next-generation 5G wireless market, but French operators using them will only get limited licences, the head of the national cybersecurity agency told Les Echos newspaper Sunday...
More details.

Posted on 6 July 2020 10:33 am


The iOS clipboard saga is a testament to Apple’s privacy-first approach

The company — owned by the Chinese firm, Bytedance — fixed this snooping in an update on June 27, three days after it was first brought to the public’s attention...
More details.

Posted on 6 July 2020 10:31 am


China detains professor who criticised Xi over coronavirus

BEIJING: Chinese authorities on Monday detained a law professor who published essays criticising President Xi Jinping over the coronavirus pandemic and his efforts to consolidate power, according to friends of the man...
More details.

Posted on 6 July 2020 9:59 am


Behave – A New Browser Extension to Find web sites that Perform Browser-Based Port Scans or Attack

A newly published browser extension, dubbed Behave!, warns the user if the website tries to perform a port scan or launch DNS-based attacks...
More details.

Posted on 6 July 2020 8:35 am


Design & Implementation of OEM ICS Cybersecurity Frameworks: The Good, The Bad, and The Ugly

The cyber threat landscape today continues to pose a myriad of unique challenges. This is especially the case for industrial organizations due to factors such as aging equipment, poor design or implementation, skills gaps and a lack of visibility...
More details.

Posted on 6 July 2020 4:36 am


Iran hints a cyber attack caused fire at nuclear facility - The Christian Science Monitor

A fire at Iran's underground Natanz nuclear facility has caused significant damage that could slow the development of advanced centrifuges used to enrich uranium, an Iranian nuclear official said on Sunday...
More details.

Posted on 6 July 2020 3:35 am


France won't ban Huawei, but encouraging 5G telcos to avoid it - report

The head of the French cybersecurity agency ANSSI said there would not be a total ban on using equipment from Huawei in the rollout of the French 5G telecoms network, but that it was pushing French telcos to avoid switching to the Chinese company...
More details.

Posted on 6 July 2020 2:26 am


Foreign cyber criminals take aim at Americans working from home | TheHill - The Hill

Federal officials and experts are warning that foreign cyber criminals are targeting U.S. businesses and Americans who are working from home on less-secure networks during the COVID-19 pandemic. Millions of Americans have shifted to working at home indefinitely to help halt the spread of COVID-19,...
More details.

Posted on 6 July 2020 12:34 am


Huawei will be dumped from UK's 5G network over security risks after concerning intelligence report

Huawei will be dumped over 5G security risks after a damning intelligence report said that within seven years mobile infrastructure could be compromised. Huawei is set to be axed from the UK's 5G network due to security concerns; Ministers are expected to approve the ban on Huawei products in...
More details.

Posted on 5 July 2020 9:08 pm


E-Verify’s “SSN Lock” is Nothing of the Sort

One of the most-read advice columns on this site is a 2018 piece called “Plant Your Flag, Mark Your Territory,” which tried to impress upon readers the importance of creating accounts at websites like those at the , the IRS and others before crooks do it for you...
More details.

Posted on 5 July 2020 7:29 pm


UK minister denies discreet plans to stop Huawei’s 5G involvement

LONDON: China’s Huawei has clear conditions to meet for Britain to continue to allow its involvement in the development of 5G telecoms infrastructure, Britain’s health minister said on Sunday, after a report that the firm would be banned from the project...
More details.

Posted on 5 July 2020 2:06 pm


Insiders Remain Biggest Threat to Company Security

The number of insider-related cybersecurity incidents in East Africa has increased by 55% in the last three months as most companies lacking active monitoring of their IT infrastructure transitioned to remote work occasioned by the COVID-19 pandemic...
More details.

Posted on 5 July 2020 1:00 pm


US Cyber Command urges F5 customers to patch critical BIG-IP flaw

F5 Networks (F5) patched a critical remote code execution (RCE) vulnerability found in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP application delivery controller (ADC)...
More details.

Posted on 5 July 2020 1:00 pm


CISA warns organizations of cyberattacks from the Tor network

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning enterprises of cyberattacks launched from the Tor network. Threat actors leverage the Tor network to hide the real source of their attacks and to prevent their C2 infrastructure from being identified and shut down by...
More details.

Posted on 5 July 2020 10:05 am


UK PM Johnson to phase out Huawei's 5G role within months - The Telegraph

British Prime Minister Boris Johnson is expected to begin phasing out the use of Chinese tech giant Huawei's technology in Britain's 5G network as soon as this year, The Daily Telegraph reported on Saturday...
More details.

Posted on 5 July 2020 6:47 am


Vigil@nce - Linux kernel: information disclosure via SSBD Shutdown, analyzed on 19/06/2020

Synthesis of the vulnerability: An attacker can bypass access restrictions to data via SSBD Shutdown of the Linux kernel, in order to obtain sensitive information. Vulnerable software: Severity of this announce: 1/4...
More details.

Posted on 4 July 2020 7:41 am


‘State-backed’ group spying on Indians: Report

After seven years of targeting countries in West Asia and Europe, a sophisticated and resilient cyber espionage group, Promethium, has shifted its focus to India, claimed experts. By compromising the download files of widely used software, it has been stealing documents and encrypted...
More details.

Posted on 4 July 2020 6:14 am


Child Identity Thief Receives 259 Months in Federal Prison after Running a $3.3 Million Scheme

U.S. District Judge R. Gary Klausner sentenced 50-year-old Turhan Lemont Armstrong to more than 21 years in federal prison yesterday for running a $3...
More details.

Posted on 3 July 2020 9:02 pm


Samba Releases Security Updates

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to...
More details.

Posted on 3 July 2020 5:13 pm


Apache Guacamole Vulnerable to Reverse RDP Vulnerabilities

Image caption: Demonstration of how attackers could use Apache Guacamole to run remote code execution (Source: Check Point Research). Apache Guacamole, a popular, open-source application that allows for administrators or employees to remotely connect to Windows or Linux devices, contains several vulnerabilities...
More details.

Posted on 3 July 2020 4:12 pm


Hacked by Police

French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents...
More details.

Posted on 3 July 2020 4:11 pm


Hacker Held 22,900 MongoDB Databases to Ransom by Threatening to Report Firms for GDPR Violations!

Hackers are once again finding unsecured MongoDB databases left exposed on the internet, wiping their contents, & then leaving a ransom note asking for a cryptocurrency payment for the data’s safe return...
More details.

Posted on 3 July 2020 3:11 pm


Artificial Intelligence (AI) in Cyber Security Market Type, Application, Specification, Technology and Forecast to 2025

Summary: – Artificial Intelligence (AI) in Cyber Security Market 2020-2025: Wiseguyreports.Com Adds “Artificial Intelligence (AI) in Cyber Security – Market Demand, Growth, Opportunities, Manufacturers and Analysis of Top Key Players to 2025” To Its Research Database...
More details.

Posted on 3 July 2020 12:52 pm


AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor

Original release date: July 1, 2020 | Last revised: July 2, 2020. Summary. This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework...
More details.

Posted on 2 July 2020 1:00 am


AA20-182A: EINSTEIN Data Trends – 30-day Lookback

Original release date: June 30, 2020. Summary. Cybersecurity and Infrastructure Security Agency (CISA) analysts have compiled the top detection signatures that have been the most active over the month of May in our national Intrusion Detection System (IDS), known as EINSTEIN...
More details.

Posted on 30 June 2020 2:34 pm


AA20-133A: Top 10 Routinely Exploited Vulnerabilities

Original release date: May 12, 2020. Summary. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector organizations to place an increased priority on patching the most commonly known vulnerabilities exploited by sophisticated foreign cyber actors...
More details.

Posted on 12 May 2020 1:00 pm


AA20-126A: APT Groups Target Healthcare and Essential Services

Original release date: May 5, 2020. Summary. This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC)...
More details.

Posted on 5 May 2020 12:58 pm


AA20-120A: Microsoft Office 365 Security Recommendations

Original release date: April 29, 2020. Summary. As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 (O365) and other cloud collaboration services...
More details.

Posted on 29 April 2020 2:41 pm


AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

Original release date: April 16, 2020 | Last revised: June 30, 2020. Summary. Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework...
More details.

Posted on 16 April 2020 1:21 pm


AA20-106A: Guidance on the North Korean Cyber Threat

Original release date: April 15, 2020 | Last revised: June 23, 2020. Summary. The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international community, network defenders, and the public...
More details.

Posted on 15 April 2020 12:31 pm


AA20-099A: COVID-19 Exploited by Malicious Cyber Actors

Original release date: April 8, 2020. Summary. This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC)...
More details.

Posted on 8 April 2020 12:00 pm


AA20-073A: Enterprise VPN Security

Original release date: March 13, 2020 | Last revised: April 15, 2020. Summary. As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees...
More details.

Posted on 13 March 2020 12:08 pm


SweynTooth Vulnerabilities

This ALERT details vulnerabilities in SweynTooth's Bluetooth Low Energy (BLE) proof-of-concept (PoC) exploit code. This report was released without coordination with some of the affected vendors and without advance coordination with CISA...
More details.

Posted on 3 March 2020 3:20 pm


AA20-049A: Ransomware Impacting Pipeline Operations

Original release date: February 18, 2020 | Last revised: June 30, 2020. Summary. Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework...
More details.

Posted on 18 February 2020 1:06 pm


Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU (Update A)

This updated alert is a follow-up to the original alert titled ICS-ALERT-19-225-01 Mitsubishi Electric smartRTU and INEA ME-RTU that was published August 13, 2019, on the ICS webpage on us-cert.gov. CISA is aware of a public report of a proof-of-concept (PoC) exploit code vulnerability affecting Mitsubishi Electric smartRTU devices...
More details.

Posted on 10 September 2019 2:30 pm


CAN Bus Network Implementation in Avionics

CISA is aware of a public report of insecure implementation of CAN bus networks affecting aircraft. According to this report, the CAN bus networks are exploitable when an attacker has unsupervised physical access to the aircraft...
More details.

Posted on 30 July 2019 1:00 pm


DICOM Standard in Medical Devices

NCCIC is aware of a public report of a vulnerability in the DICOM (Digital Imaging and Communications in Medicine) standard with proof-of-concept (PoC) exploit code. The DICOM standard is the international standard to transmit, store, retrieve, print, process, and display medical imaging information...
More details.

Posted on 11 June 2019 4:15 pm


Meltdown and Spectre Vulnerabilities (Update J)

This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update I) that was published September 11, 2018, on the NCCIC/ICS-CERT website.
More details.

Posted on 11 January 2018 5:51 pm


WAGO PFC200

NCCIC is aware of a public report of an improper authentication vulnerability affecting WAGO PFC200, a Programmable Logic Controller (PLC) device. According to this report, the vulnerability is exploitable by sending a TCP payload on the bound port...
More details.

Posted on 7 December 2017 9:11 pm


Eaton ELCSoft Vulnerabilities

NCCIC/ICS-CERT is aware of a public report of buffer overflow vulnerabilities affecting Eaton ELCSoft, a PLC programming software for Eaton Logic Control (ELC) controllers. According to the public report, which was coordinated with ICS-CERT prior to its public release, researcher Ariele Caltabiano (kimiya) working with Trend Micro's Zero Day Initiative, identified that an attacker can leverage these vulnerabilities to execute arbitrary code in the context of the process...
More details.

Posted on 4 August 2017 7:11 pm


CAN Bus Standard Vulnerability

NCCIC/ICS-CERT is aware of a public report of a vulnerability in the Controller Area Network (CAN) Bus standard with proof-of-concept (PoC) exploit code affecting CAN Bus, a broadcast based network standard...
More details.

Posted on 28 July 2017 7:34 pm


CRASHOVERRIDE Malware

CRASHOVERRIDE, aka Industroyer, is the fourth family of malware publicly identified as targeting industrial control systems (ICS). It uses a modular design, with payloads that target several industrial communication protocols and are capable of directly controlling switches and circuit breakers...
More details.

Posted on 25 July 2017 4:45 pm


Petya Malware Variant (Update C)

This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-181-01B Petya Malware Variant that was published July 5, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of reports of a variant of the Petya malware that is affecting several countries...
More details.

Posted on 30 June 2017 9:09 pm


